-
Notifications
You must be signed in to change notification settings - Fork 279
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Introduce GatewayContext to propagate instrumentation specific traits #7304
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BenchmarksStartupParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 53 metrics, 10 unstable metrics. Startup time reports for petclinicgantt
title petclinic - global startup overhead: candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.065 s) : 0, 1065014
Total [baseline] (10.288 s) : 0, 10288367
Agent [candidate] (1.062 s) : 0, 1061707
Total [candidate] (10.301 s) : 0, 10300905
section appsec
Agent [baseline] (1.188 s) : 0, 1187639
Total [baseline] (10.485 s) : 0, 10484717
Agent [candidate] (1.184 s) : 0, 1184038
Total [candidate] (10.494 s) : 0, 10493941
section iast
Agent [baseline] (1.18 s) : 0, 1179828
Total [baseline] (10.673 s) : 0, 10672731
Agent [candidate] (1.171 s) : 0, 1171101
Total [candidate] (10.764 s) : 0, 10763972
section profiling
Agent [baseline] (1.265 s) : 0, 1264561
Total [baseline] (10.602 s) : 0, 10602193
Agent [candidate] (1.272 s) : 0, 1271936
Total [candidate] (10.588 s) : 0, 10588362
gantt
title petclinic - break down per module: candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (666.417 ms) : 0, 666417
BytebuddyAgent [candidate] (664.094 ms) : 0, 664094
GlobalTracer [baseline] (305.357 ms) : 0, 305357
GlobalTracer [candidate] (305.05 ms) : 0, 305050
AppSec [baseline] (50.113 ms) : 0, 50113
AppSec [candidate] (49.8 ms) : 0, 49800
Remote Config [baseline] (672.119 µs) : 0, 672
Remote Config [candidate] (667.823 µs) : 0, 668
Telemetry [baseline] (7.74 ms) : 0, 7740
Telemetry [candidate] (7.649 ms) : 0, 7649
section appsec
BytebuddyAgent [baseline] (679.659 ms) : 0, 679659
BytebuddyAgent [candidate] (677.863 ms) : 0, 677863
GlobalTracer [baseline] (299.343 ms) : 0, 299343
GlobalTracer [candidate] (298.888 ms) : 0, 298888
AppSec [baseline] (154.05 ms) : 0, 154050
AppSec [candidate] (153.83 ms) : 0, 153830
IAST [baseline] (22.176 ms) : 0, 22176
IAST [candidate] (19.475 ms) : 0, 19475
Remote Config [baseline] (625.561 µs) : 0, 626
Remote Config [candidate] (623.903 µs) : 0, 624
Telemetry [baseline] (8.013 ms) : 0, 8013
Telemetry [candidate] (8.3 ms) : 0, 8300
section iast
BytebuddyAgent [baseline] (785.289 ms) : 0, 785289
BytebuddyAgent [candidate] (778.692 ms) : 0, 778692
GlobalTracer [baseline] (297.186 ms) : 0, 297186
GlobalTracer [candidate] (295.82 ms) : 0, 295820
AppSec [baseline] (47.545 ms) : 0, 47545
AppSec [candidate] (47.017 ms) : 0, 47017
IAST [baseline] (27.91 ms) : 0, 27910
IAST [candidate] (28.534 ms) : 0, 28534
Remote Config [baseline] (579.974 µs) : 0, 580
Remote Config [candidate] (569.389 µs) : 0, 569
Telemetry [baseline] (7.715 ms) : 0, 7715
Telemetry [candidate] (6.912 ms) : 0, 6912
section profiling
BytebuddyAgent [baseline] (662.971 ms) : 0, 662971
BytebuddyAgent [candidate] (666.256 ms) : 0, 666256
GlobalTracer [baseline] (388.966 ms) : 0, 388966
GlobalTracer [candidate] (391.87 ms) : 0, 391870
AppSec [baseline] (51.359 ms) : 0, 51359
AppSec [candidate] (51.804 ms) : 0, 51804
Remote Config [baseline] (638.681 µs) : 0, 639
Remote Config [candidate] (657.613 µs) : 0, 658
Telemetry [baseline] (7.349 ms) : 0, 7349
Telemetry [candidate] (7.438 ms) : 0, 7438
ProfilingAgent [baseline] (96.104 ms) : 0, 96104
ProfilingAgent [candidate] (96.27 ms) : 0, 96270
Profiling [baseline] (96.129 ms) : 0, 96129
Profiling [candidate] (96.294 ms) : 0, 96294
Startup time reports for insecure-bankgantt
title insecure-bank - global startup overhead: candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section tracing
Agent [baseline] (1.069 s) : 0, 1069360
Total [baseline] (8.531 s) : 0, 8530958
Agent [candidate] (1.062 s) : 0, 1061570
Total [candidate] (8.488 s) : 0, 8487657
section iast
Agent [baseline] (1.169 s) : 0, 1168719
Total [baseline] (8.929 s) : 0, 8928847
Agent [candidate] (1.17 s) : 0, 1170251
Total [candidate] (8.919 s) : 0, 8918730
section iast_HARDCODED_SECRET_DISABLED
Agent [baseline] (1.171 s) : 0, 1170646
Total [baseline] (8.928 s) : 0, 8928200
Agent [candidate] (1.186 s) : 0, 1185565
Total [candidate] (8.935 s) : 0, 8935374
section iast_TELEMETRY_OFF
Agent [baseline] (1.166 s) : 0, 1165822
Total [baseline] (8.959 s) : 0, 8959322
Agent [candidate] (1.167 s) : 0, 1167458
Total [candidate] (8.985 s) : 0, 8984781
gantt
title insecure-bank - break down per module: candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section tracing
BytebuddyAgent [baseline] (669.007 ms) : 0, 669007
BytebuddyAgent [candidate] (664.051 ms) : 0, 664051
GlobalTracer [baseline] (307.249 ms) : 0, 307249
GlobalTracer [candidate] (304.572 ms) : 0, 304572
AppSec [baseline] (50.078 ms) : 0, 50078
AppSec [candidate] (50.089 ms) : 0, 50089
Remote Config [baseline] (673.551 µs) : 0, 674
Remote Config [candidate] (672.98 µs) : 0, 673
Telemetry [baseline] (7.687 ms) : 0, 7687
Telemetry [candidate] (7.654 ms) : 0, 7654
section iast
BytebuddyAgent [baseline] (778.014 ms) : 0, 778014
BytebuddyAgent [candidate] (778.452 ms) : 0, 778452
GlobalTracer [baseline] (295.33 ms) : 0, 295330
GlobalTracer [candidate] (295.205 ms) : 0, 295205
AppSec [baseline] (47.984 ms) : 0, 47984
AppSec [candidate] (47.134 ms) : 0, 47134
IAST [baseline] (26.452 ms) : 0, 26452
IAST [candidate] (27.64 ms) : 0, 27640
Remote Config [baseline] (574.323 µs) : 0, 574
Remote Config [candidate] (583.736 µs) : 0, 584
Telemetry [baseline] (6.928 ms) : 0, 6928
Telemetry [candidate] (7.779 ms) : 0, 7779
section iast_HARDCODED_SECRET_DISABLED
BytebuddyAgent [baseline] (779.996 ms) : 0, 779996
BytebuddyAgent [candidate] (790.328 ms) : 0, 790328
GlobalTracer [baseline] (295.488 ms) : 0, 295488
GlobalTracer [candidate] (299.408 ms) : 0, 299408
AppSec [baseline] (47.226 ms) : 0, 47226
AppSec [candidate] (47.998 ms) : 0, 47998
IAST [baseline] (26.925 ms) : 0, 26925
IAST [candidate] (26.576 ms) : 0, 26576
Remote Config [baseline] (566.594 µs) : 0, 567
Remote Config [candidate] (574.269 µs) : 0, 574
Telemetry [baseline] (6.887 ms) : 0, 6887
Telemetry [candidate] (6.978 ms) : 0, 6978
section iast_TELEMETRY_OFF
BytebuddyAgent [baseline] (775.564 ms) : 0, 775564
BytebuddyAgent [candidate] (776.814 ms) : 0, 776814
GlobalTracer [baseline] (294.766 ms) : 0, 294766
GlobalTracer [candidate] (295.528 ms) : 0, 295528
AppSec [baseline] (47.012 ms) : 0, 47012
AppSec [candidate] (47.102 ms) : 0, 47102
IAST [baseline] (27.583 ms) : 0, 27583
IAST [candidate] (26.99 ms) : 0, 26990
Remote Config [baseline] (599.682 µs) : 0, 600
Remote Config [candidate] (603.194 µs) : 0, 603
Telemetry [baseline] (6.794 ms) : 0, 6794
Telemetry [candidate] (6.892 ms) : 0, 6892
LoadParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 13 metrics, 15 unstable metrics. Request duration reports for petclinicgantt
title petclinic - request duration [CI 0.99] : candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section baseline
no_agent (1.354 ms) : 1335, 1374
. : milestone, 1354,
appsec (1.711 ms) : 1688, 1735
. : milestone, 1711,
appsec_no_iast (1.722 ms) : 1698, 1747
. : milestone, 1722,
iast (1.467 ms) : 1444, 1489
. : milestone, 1467,
profiling (1.5 ms) : 1474, 1527
. : milestone, 1500,
tracing (1.467 ms) : 1442, 1491
. : milestone, 1467,
section candidate
no_agent (1.352 ms) : 1333, 1372
. : milestone, 1352,
appsec (1.717 ms) : 1692, 1741
. : milestone, 1717,
appsec_no_iast (1.716 ms) : 1692, 1740
. : milestone, 1716,
iast (1.473 ms) : 1450, 1495
. : milestone, 1473,
profiling (1.491 ms) : 1466, 1516
. : milestone, 1491,
tracing (1.451 ms) : 1427, 1475
. : milestone, 1451,
Request duration reports for insecure-bankgantt
title insecure-bank - request duration [CI 0.99] : candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section baseline
no_agent (370.24 µs) : 351, 390
. : milestone, 370,
iast (488.086 µs) : 466, 510
. : milestone, 488,
iast_FULL (553.636 µs) : 533, 575
. : milestone, 554,
iast_GLOBAL (514.953 µs) : 491, 539
. : milestone, 515,
iast_HARDCODED_SECRET_DISABLED (483.168 µs) : 462, 504
. : milestone, 483,
iast_INACTIVE (453.595 µs) : 433, 475
. : milestone, 454,
iast_TELEMETRY_OFF (471.531 µs) : 450, 493
. : milestone, 472,
tracing (447.182 µs) : 427, 468
. : milestone, 447,
section candidate
no_agent (364.869 µs) : 345, 385
. : milestone, 365,
iast (486.462 µs) : 466, 507
. : milestone, 486,
iast_FULL (553.755 µs) : 533, 575
. : milestone, 554,
iast_GLOBAL (516.408 µs) : 493, 540
. : milestone, 516,
iast_HARDCODED_SECRET_DISABLED (481.579 µs) : 460, 503
. : milestone, 482,
iast_INACTIVE (453.296 µs) : 433, 474
. : milestone, 453,
iast_TELEMETRY_OFF (470.208 µs) : 449, 491
. : milestone, 470,
tracing (446.01 µs) : 425, 467
. : milestone, 446,
DacapoParameters
See matching parameters
SummaryFound 0 performance improvements and 0 performance regressions! Performance is the same for 12 metrics, 0 unstable metrics. Execution time for tomcatgantt
title tomcat - execution time [CI 0.99] : candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section baseline
no_agent (1.455 ms) : 1443, 1466
. : milestone, 1455,
appsec (2.221 ms) : 2186, 2257
. : milestone, 2221,
iast (1.968 ms) : 1926, 2010
. : milestone, 1968,
iast_GLOBAL (2.009 ms) : 1966, 2052
. : milestone, 2009,
profiling (1.866 ms) : 1830, 1901
. : milestone, 1866,
tracing (1.828 ms) : 1795, 1860
. : milestone, 1828,
section candidate
no_agent (1.459 ms) : 1447, 1470
. : milestone, 1459,
appsec (2.218 ms) : 2183, 2253
. : milestone, 2218,
iast (1.972 ms) : 1930, 2014
. : milestone, 1972,
iast_GLOBAL (2.002 ms) : 1960, 2043
. : milestone, 2002,
profiling (1.842 ms) : 1808, 1876
. : milestone, 1842,
tracing (1.83 ms) : 1797, 1862
. : milestone, 1830,
Execution time for biojavagantt
title biojava - execution time [CI 0.99] : candidate=1.38.0-SNAPSHOT~eaf1c28272, baseline=1.38.0-SNAPSHOT~120b584fde
dateFormat X
axisFormat %s
section baseline
no_agent (15.083 s) : 15083000, 15083000
. : milestone, 15083000,
appsec (14.939 s) : 14939000, 14939000
. : milestone, 14939000,
iast (18.692 s) : 18692000, 18692000
. : milestone, 18692000,
iast_GLOBAL (17.86 s) : 17860000, 17860000
. : milestone, 17860000,
profiling (15.035 s) : 15035000, 15035000
. : milestone, 15035000,
tracing (15.208 s) : 15208000, 15208000
. : milestone, 15208000,
section candidate
no_agent (15.396 s) : 15396000, 15396000
. : milestone, 15396000,
appsec (14.799 s) : 14799000, 14799000
. : milestone, 14799000,
iast (18.645 s) : 18645000, 18645000
. : milestone, 18645000,
iast_GLOBAL (17.986 s) : 17986000, 17986000
. : milestone, 17986000,
profiling (15.79 s) : 15790000, 15790000
. : milestone, 15790000,
tracing (14.956 s) : 14956000, 14956000
. : milestone, 14956000,
|
4d4a752
to
d0a4cfa
Compare
d0a4cfa
to
eaf1c28
Compare
manuel-alvarez-alvarez
approved these changes
Jul 11, 2024
smola
approved these changes
Jul 11, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
comp: asm waf
Application Security Management (WAF)
tag: no release notes
Changes to exclude from release notes
type: refactoring
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What Does This Do
Introduced GatewayContext. It used to describe instrumentations data traits that are passes through the InstrumentationGateway. Currently, each instrumentation data has:
isTransient
- to identify if the data is ephemeral or persistent within the requestisRasp
- to identity data origin for Exploit PreventionMotivation
This is part of Exploit prevention to let provide
ruleType
for the RASP instrumentations.Additional Notes
Jira ticket: APPSEC-47228